OSDN -- Develop and Download Open Source Software

RSS
Download List

Project Description

grsecurity is a complete security system for Linux 2.4 and 2.6 that implements a detection/prevention/containment strategy. It prevents most forms of address space modification, confines programs via its Role-Based Access Control system, hardens syscalls, provides full-featured auditing, and implements many of the OpenBSD randomness features. It was written for performance, ease-of-use, and security. The RBAC system has an intelligent learning mode that can generate least privilege policies for the entire system with no configuration. All of grsecurity supports a feature that logs the IP of the attacker that causes an alert or audit.

System Requirements

System requirement is not defined
Information regarding Project Releases and Project Resources. Note that the information here is a quote from Freecode.com page, and the downloads themselves may not be hosted on OSDN.

2005-01-25 01:17
2.1.1

This release adds gradm bugfixes, more configurable learning heuristics,
automatic tty sniffing detection in the RBAC system, and fixes for
hidden file support.
Tags: Stable, Minor bugfixes

2005-01-07 23:09
2.1.0

Changes in this version include PaX updates, a new configuration file for full learning, updated learning heuristics, id transitions in learning, grlearn performance enhancements, significant RBAC performance enhancements, a new inheritance-based learning mode, a destruction of unused shared memory feature from Openwall, an option for sysctl that enables all grsecurity options at boot-time, policy statistics in gradm, and a hardlink object mode in the RBAC system. This version has been released for the 2.4.28 and 2.6.10 kernels.
Tags: Stable, Major feature enhancements

2004-11-21 05:01
2.0.2

This release includes PaX updates, chroot restriction fixes, RBAC fixes, a complete logging system rewrite, and dramatic memory and CPU usage improvements for learning analysis and policy auto-generation.
Tags: Stable, Minor bugfixes

2004-08-08 15:46
2.0.1

Domain support was added. Regex matching was
enhanced. Automatic exploit bruteforce deterrence
was added. Directories are included in RBAC
configuration. RBAC-contextual logging was added.
Memory usage was reduced. PaX was updated.
Bugfixes were made. An important security issue
that allowed protected processes in the RBAC
system to be killed has been resolved. gradm has
been updated to 2.0.1 for this release.
Tags: Stable, Major feature enhancements

2004-04-18 07:41
2.0

This release features role-based access control allowing user,
group, and special roles, role transition tables, IP-based roles,
non-root access to special roles, and special roles that require
no authentication. It supports finer-grained object permissions
as well as kernel interpretation of inheritance and globbed
objects. Full pathnames for the offending process and parent
process are included in all logs. It is able to produce least
privilege policies for the entire system with no configuration.
Tags: Stable, Major feature enhancements

Project Resources

Project Page Download: Changelog Download: CVS Home Page